Firewalls Don't Stop Dragons Podcast

In this engaging conversation, Paul Roberts, a cybersecurity journalist and founder of the Secure Resilient Future Foundation, discusses the pressing issue of insecure IoT devices. He highlights the dangers of abandoned devices as tech time bombs that can lead to botnets and national security risks. Paul advocates for the right to repair, explaining how it can enhance security and longevity. He also emphasizes the need for transparency in device support lifecycles and the responsibilities of ISPs in maintaining hardware, offering practical solutions for listeners to get involved.

Discover the innovative world of Ente Photos, a private app designed with user privacy at its core. Hear from founder Vishnu about his mission to challenge the ad-tech giants and provide a sustainable, non-surveillance alternative. Learn about end-to-end encryption and how Ente safeguards your data while enabling seamless integration on different platforms. Delve into the complexities of migrating from mainstream photo services and the challenges of maintaining privacy. Plus, get a sneak peek at upcoming features aimed at enhancing your secure photo experience!

Discover techniques for uncovering old, forgotten online accounts and enhancing security. Dive into the troubling implications of new technologies, like Samsung's ad-laden smart fridges and automated sextortion spyware. Explore privacy concerns surrounding employee monitoring and government data access. Good news emerges with hardware advancements in the Pixel 10 and iPhone 17. Stay informed about the EU vote on chat control that could impact encrypted communication.

Artificial Intelligence (AI) is the Big Tech buzzword of the day. Every company who wants investment (public or private) is scrambling to have an “AI story”, adding chatbots and ‘agentic’ features in their products wherever possible. The AI companies themselves are constantly expanding their models, ingesting as much data (including highly personal information) as possible. In this AI gold rush, companies are making flawed and often harmful products. Companies are firing workers and trying to replace them with AI bots. And it’s forcing us all to question what’s real, what has actual value, and what the impacts could and should be on society as a whole. Discussing deep questions like this is the purview of philosophers – and today I’ll be welcoming back someone uniquely and supremely qualified to address them, Carissa Véliz. Interview Notes Carissa Véliz: https://www.carissaveliz.com/  Privacy is Power: https://www.carissaveliz.com/books  Carissa’s research: https://www.carissaveliz.com/research  Moral Zombies: https://link.springer.com/article/10.1007/s00146-021-01189-x  ChatGPT suicide: https://www.nytimes.com/2025/08/26/technology/chatgpt-openai-suicide.html  TESCREAL: https://en.wikipedia.org/wiki/TESCREAL  John Oliver on AI Slop: https://www.youtube.com/watch?v=TWpg1RmzAbc  Proton Lumo: https://proton.me/blog/lumo-ai  EU’s “public good” LLM: https://ethz.ch/en/news-and-events/eth-news/news/2025/07/a-language-model-built-for-the-public-good.html  Further Info My book: https://fdsd.me/book  My newsletter: https://fdsd.me/newsletter  Support the mission: https://fdsd.me/support  Give the gift of privacy and security: https://fdsd.me/coupons  Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch  Table of Contents 0:00:00: Intro 0:05:09: What does “artifical intelligence” really mean? 0:13:21: Should STEM degrees require ethics training? 0:17:20: Does anthropomorphising AI undermine our discourse? 0:22:35: What is the TESCREAL view of AI? 0:28:09: Can we infuse AI tools with human morality? 0:34:31: What are the dangers of training AI on copyrighted works? 0:42:16: What happens when AI starts ingesting it’s own output? 0:44:27: Can we make AI systems that are truly private? 0:48:08: How should we assign liability for AI harms? 0:51:06: Is AI eroding our ability to trust anything? 0:54:06: What happens when AI obviates the need to work at all? 1:00:00: How do we maximize the benefits and minimize the harms of AI? 1:03:20: Interview wrap-up 1:06:06: Patron podcast preview 1:07:08: Looking ahead

Delve into the world of online security as the discussion kicks off with the importance of using password managers to track all your accounts, including those long-forgotten. Explore alarming trends like Android malware spreading through Facebook ads and critical Google updates that affect app security. There's a spotlight on ethical concerns surrounding AI and the need for parental controls. Finally, uncover ways to minimize your digital footprint while navigating the complexities of privacy regulations and ensuring your data remains secure.

Join Cooper Quintin, security researcher at EFF, and The Gibson, founder of Hackers.Town, as they dive into the Rayhunter project, a groundbreaking tool aimed at detecting cellular surveillance. They discuss how our phones inadvertently broadcast our locations and the threats posed by cell site simulators. The conversation highlights privacy activism, the evolution of surveillance technologies, and practical steps individuals can take to protect their digital privacy. This engaging dialogue sheds light on the intersection of technology, activism, and community efforts.

Dive into the digital world as the hosts dissect the risks of online accounts and the concept of a 'data diet' to enhance your privacy. Learn about critical security flaws in Dell laptops and the potential privacy breaches with Meta scanning your photos. The discussion also highlights the struggles with data brokers and the impacts of the new EU chat control law. Plus, uncover the truth about car theft myths linked to privacy technology, and navigate the alarming vulnerabilities found in controversial dating apps.

Monique Priestley, a Vermont State Representative and consumer protection advocate, shares her experiences navigating the complex world of privacy legislation. She reveals the hurdles faced in passing the Vermont Data Privacy Act and the strategies used against powerful Big Tech lobbyists. Discover the importance of collaboration among legislators, challenges of balancing privacy rights with corporate protection, and lessons learned for future advocacy efforts. Monique sheds light on the need for transparency and citizen involvement in shaping meaningful privacy laws.

It’s early August, which means it’s time for BSides Las Vegas and DEF CON, part of the trio of conferences that make up “hacker summer camp” (the other being Black Hat, which I don’t attend). It’s been a crazy, chaotic week – as usual – but in almost completely good ways. After the regular news, I’ve got some mini interviews with Jake Braun (DEF CON Franklin), Stacey Higginbotham (Consumer Reports), Cooper Quitin (EFF) and The Gibson (Veilid and hackers.town). In other news: Tea app users file a class action lawsuit over massive breach; ChatGPT sessions may be searchable by anyone; US government launches initiative to centralize health data for use by tech companies; Australia rolls out age verification for search engines; Grok AI is now in Teslas; China-backed hackers exploit horrific Microsoft bug; Dropbox ends its password manager service. Article Links Tea User Files Class Action After Women’s Safety App Exposes Data https://www.404media.co/tea-user-files-class-action-after-womens-safety-app-exposes-data/ ChatGPT users shocked to learn their chats were in Google search results https://arstechnica.com/tech-policy/2025/08/chatgpt-users-shocked-to-learn-their-chats-were-in-google-search-results/ Trump administration is launching a new private health tracking system with Big Tech’s help https://apnews.com/article/trump-ai-rfk-jr-health-tech-fa73703bd1fd557c787ef0b590e151f1 Australia is quietly rolling out age checks for search engines like Google https://www.abc.net.au/news/2025-07-11/age-verification-search-engines/105516256 Grok is now in Tesla cars, but not in the way you think https://mashable.com/article/grok-tesla China-backed hackers used Microsoft flaw in attacks https://www.washingtonpost.com/technology/2025/07/21/china-hackers-microsoft-sharepoint/ Users left scrambling for a plan B as Dropbox drops Dropbox Passwords https://www.theregister.com/2025/07/30/dropbox_drops_dropbox_passwords/ Tip of the Week: https://firewallsdontstopdragons.com/how-to-backup-cloud-data/  Further Info Top hacker interviews: https://fdsd.me/hackers   DEF CON Franklin: https://defconfranklin.com/ EFF: https://www.eff.org/ Veilid: https://veilid.com/ Consumer Reports: https://securityplanner.consumerreports.org/ My book: https://fdsd.me/book  My newsletter: https://fdsd.me/newsletter  Support our mission! https://fdsd.me/support  Give the gift of privacy and security: https://fdsd.me/coupons  Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch  Table of Contents 0:00:00: Intro 0:02:24: News preview 0:03:31: Tea User Files Class Action Lawsuit 0:06:24: ChatGPT users shocked to learn their chats were in Google search results 0:11:11: Trump administration is launching a new private health tracking system 0:17:52: Australia is quietly rolling out age checks for search engines 0:22:56: Grok is now in Tesla cars, but not in the way you think 0:25:29: China-backed hackers used Microsoft flaw in attacks 0:29:50: Dropbox drops Dropbox Passwords 0:32:20: Tip of the Week 0:36:27: Hacker Summer Camp Extras! 0:42:53: SNIPPET: Stacey Higginbotham 0:47:03: SNIPPET: Jack Braun 0:50:18: SNIPPET: Cooper Quintin and Gibson 0:55:04: Wrapup

Cory Doctorow has garnered a lot of needed attention to the decline of modern online platforms, including Google Search, Facebook and Twitter. Much of this is a result of coining the now-viral term Enshittification. Today we’ll talk about how the internet was broken and who’s to blame. We’ll also discuss the lack of privacy laws and the threats of AI to tech workers and copyrighted works. Finally, we’ll discuss Cory’s novel proposal for how countries could respond to US tariffs by ripping up intellectual property agreements, changing the power dynamic of the Big Tech industry and hopefully benefiting consumers in the process. Interview Notes Cory’s blog (Pluralistic): https://pluralistic.net/  Canada shouldn’t retaliate with US tariffs: https://pluralistic.net/2025/01/15/beauty-eh/#its-the-only-war-the-yankees-lost-except-for-vietnam-and-also-the-alamo-and-the-bay-of-ham  Who Broke the Internet? https://www.cbc.ca/listen/cbc-podcasts/1353-the-naked-emperor  Enshittification book (coming Oct 2025): https://us.macmillan.com/books/9780374619329/enshittification/  Regex: https://en.wikipedia.org/wiki/Regular_expression  Copyright and AI: https://www.technologyreview.com/2025/07/01/1119486/ai-copyright-meta-anthropic/  Further Info Humble Bundle: https://www.humblebundle.com/books/security-apress-books  My book: https://fdsd.me/book  My newsletter: https://fdsd.me/newsletter  Support the mission: https://fdsd.me/support  Give the gift of privacy and security: https://fdsd.me/coupons  Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch  Table of Contents 0:00:00: Intro 0:02:07: Humble Bundle! 0:03:09: Interview preview 0:06:52: Has coining the term Enshittification helped to raise awareness? 0:11:08: Who broke the internet? 0:20:15: Will AI reduce tech workers’ power? 0:27:21: Why can we not get privacy laws? 0:35:21: How should countries respond to US tariffs? 0:39:57: Do DRM protections incentize creators? 0:44:37: What’s your take on the Anthropic AI copyright decision? 0:55:03: What’s next for you? 0:56:04: Interview wrap-up 0:57:27: Hacker summer camp 0:59:28: Patron podcast preview 1:00:24: Looking ahead